Resubmissions

08/03/2024, 09:25

240308-ldsftacd9x 8

08/03/2024, 09:09

240308-k4tacsbc94 7

General

  • Target

    Launcher.exe

  • Size

    81.7MB

  • Sample

    240308-ldsftacd9x

  • MD5

    d4f685deb88b48dc0e55703f7ab56d82

  • SHA1

    4db0f7c4a2c299eeeecb258c14d13c8c0714206a

  • SHA256

    98faaafd3b450d836415eff09da56591fe31c54b4a668498416537262f2cd4c6

  • SHA512

    e5794ca50a3336f4a0cd0f135fd78900dc6104c5e83791e15bc4887bd3b3ae3f6eb991fcb1261fcb6a15a539724f2b6b7ec4a8535a3a885be721a27413de8b36

  • SSDEEP

    1572864:V/WHHr9qNUFkOVYIIu+eTt1Thl1RJzve1FizRreIQeLcsbI+No77:V/8L9qKiOYu+yzThlFzW1FizAIBQcNM7

Score
8/10

Malware Config

Targets

    • Target

      Launcher.exe

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
